我在 ASP.net Core 2(Windows 身份验证)上有一个 API,在 angular 上有一个前端。我进行了 cors 配置以从 SPA 角度查询我的后端,但由于预检而被 IIS 服务器拒绝,因为他没有身份信息而被阻止。
错误信息 :
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://XXXXXX' is therefore not allowed access. The response had HTTP status code 401.
代码侧正面:
//MY HEADER
private headers = new Headers({
'Content-Type': 'application/json',
'Access-Control-Allow-Credentials':'true',
'Access-Control-Allow-Origin':'true'
});
//REQUEST
let options = new RequestOptions({headers:this.headers, withCredentials:true});
return this.http.get(this.tasksUrl,options).map(res=>res.json());
代码背面:(Startup.cs)
public void ConfigureServices(IServiceCollection services)
{
services.AddCors();
services.AddCors(options =>
{ …javascript windows-authentication cors asp.net-web-api preflight